﻿<?php
	//global $user;
	session_start();
	
	include("main/db.php");
	$db=new Db();		 
 
	$userName=$_POST['userName'];
	$userPwd=$_POST['userPwd'];
	$type=$_POST['type'];
	$code=$_POST['code']; 
	$userPass=md5($userPwd);

	
	if($_POST['userName']==""){
    	echo "<script>alert('用户名为空！');</script>";
		echo "<script>history.back();</script>";
	}else if($_POST['userPwd']==""){
    	echo "<script>alert('请输入密码！');</script>";
		echo "<script>history.back();</script>";
	}else if(!isset($userName)){
		echo "<script>alert('请核对账户名称是否正确！');</script>";
		echo "<script>history.back();</script>";
	}else if(!isset($userPwd)){
		echo "<script>alert('请核对账户密码是否正确！');</script>";
		echo "<script>history.back();</script>";
	}else if(!isset($type)){
		echo "<script>alert('请核对账户类型是否正确！');</script>";
		echo "<script>history.back();</script>";
	}else if(!isset($code)){
		echo "<script>alert('请核对验证码是否正确！');</script>";
		echo "<script>history.back();</script>";
	}else if($_SESSION['VCODE']!=$code){
		echo "<script>alert('请核对验证码是否正确！');</script>";
		echo "<script>history.back();</script>";
	}
	
	//教师登录 type=1  	//教务处登录 type=2  	//系统管理员登录 type=3
	if('1'==$type){
		//教师登录
		$teacherInfo=$db->fetchRow("SELECT * FROM teacher_user WHERE username='$userName' and password='$userPass' ");
		if($teacherInfo!=NULL){
			if($teacherInfo['state']=='1'){
				$_SESSION['user']=$teacherInfo['username'];
				$_SESSION['type']="1";

				echo "<script>window.location='system/MainFrame.php'</script>";
			}else{
				echo "<script>alert('您的账户已经被禁用，请联系管理员！');</script>";
				echo "<script>history.go(-1)</script>";
			}
			
		}else{
			echo "<script>alert('输入的用户名或密码错误！');</script>";
			echo "<script>history.go(-1)</script>";
		}
	}else if('2'==$type){
		//教务处登录
		$sql="SELECT * FROM area_user WHERE username='$userName' and password='$userPass' ";
		$areauserInfo=$db->fetchRow($sql);
		if($areauserInfo!=NULL){
			if($areauserInfo['state']=='1'){
				$_SESSION['user']=$areauserInfo['username'];
				$_SESSION['area_id']=$areauserInfo['area_id'];
				/*echo "<script>alert('$_SESSION[area_id]');</script>";*/
				$_SESSION['type']="2";
				echo "<script>window.location='system/MainFrame.php'</script>";
			}else{
				echo "<script>alert('您的账户已经被禁用，请联系管理员！');</script>";
				echo "<script>history.go(-1)</script>";
			}
			
		}else{
			echo "<script>alert('输入的用户名或密码错误！');</script>";
			echo "<script>history.go(-1)</script>";
		}
	}else if('3'==$type){
		//系统管理员登录
		$adminInfo=$db->fetchRow("SELECT * FROM admin WHERE username='$userName' and password='$userPass'");
		if($adminInfo!=NULL){
			$_SESSION['user']=$adminInfo['username'];
			$_SESSION['type']="3";

			echo "<script>window.location='system/MainFrame.php'</script>";
		}else{
			echo "<script>alert('输入的用户名或密码错误！');</script>";
			echo "<script>history.go(-1)</script>";
		}
	}else{
		echo "<script>alert('请选择登录类型（角色）！');</script>";
		echo "<script>history.go(-1)</script>";
	}
	

?>